Documentation is quite specific and says that when Admin password is changed then root pasword changes to match.
This is true for, for example, ssh access but not true for me when trying to login using the Asustor Control Centre
I tried changing root password using passwd - which didn't complain but had no effect. I have successfully got root and admin using keyss for SSH and would like to be sure that root is not open to password attack, hence I'd like to know/change what that password is.
Root password not same as Admin
Moderator: Lillian.W@AST
-
- Posts: 3
- youtube meble na wymiar Warszawa
- Joined: Tue Aug 31, 2021 8:06 pm
- Nazar78
- Posts: 2064
- Joined: Wed Jul 17, 2019 10:21 pm
- Location: Singapore
- Contact:
Re: Root password not same as Admin
There's two level, app (Asustor Portal) and OS. From the documentation when you changed the admin password on the app, it will change both admin and root in the /etc/shadow. But if you changed from ssh, that's OS level and will affect only the one you had changed admin or root because the app is not aware of these changes.
Are you attempting to open ssh to the internet that you're concerned about password attacks? If yes then take every extra precaution by enabling ADM Defender auto block, use strong passwords, create another admin then disabled the default admin and finally use keys-only for root or totally disable root login - hint:
"PermitRootLogin without-password"
The last step is not official on ADM hence I'll not cover it here (Google?) and last I check it may require certain tweaks to make it persistent across reboots/upgrades.
Are you attempting to open ssh to the internet that you're concerned about password attacks? If yes then take every extra precaution by enabling ADM Defender auto block, use strong passwords, create another admin then disabled the default admin and finally use keys-only for root or totally disable root login - hint:
"PermitRootLogin without-password"
The last step is not official on ADM hence I'll not cover it here (Google?) and last I check it may require certain tweaks to make it persistent across reboots/upgrades.
AS5304T - 16GB DDR4 - ADM-OS modded on 2GB RAM
Internal:
- 4x10TB Toshiba RAID10 Ext4-Journal=Off
External 5 Bay USB3:
- 4x2TB Seagate modded RAID0 Btrfs-Compression
- 480GB Intel SSD for modded dm-cache (initramfs auto update patch) and Apps
When posting, consider checking the box "Notify me when a reply is posted" to get faster response
Internal:
- 4x10TB Toshiba RAID10 Ext4-Journal=Off
External 5 Bay USB3:
- 4x2TB Seagate modded RAID0 Btrfs-Compression
- 480GB Intel SSD for modded dm-cache (initramfs auto update patch) and Apps
When posting, consider checking the box "Notify me when a reply is posted" to get faster response
-
- Posts: 3
- Joined: Tue Aug 31, 2021 8:06 pm
Re: Root password not same as Admin
I changed the admin password via the portal using the Access Control>Local Users select admin Edit
At the foot of that page it says: Note: The expiration date and password for this account will be applied to the [root] account
When I ssh into the NAS with root or with admin it all works fine. It's just that when I use the portal invoked via Asustor Control Centre and use root as the user name it does not work.
The workaround is easy, don't try to login to portal using root - but I asked here in case this indicated there was a different password of unknown strength that still applied to root as a portal username.
No I didn't change the passwords when logged in via SSH.
...Ian.
At the foot of that page it says: Note: The expiration date and password for this account will be applied to the [root] account
When I ssh into the NAS with root or with admin it all works fine. It's just that when I use the portal invoked via Asustor Control Centre and use root as the user name it does not work.
The workaround is easy, don't try to login to portal using root - but I asked here in case this indicated there was a different password of unknown strength that still applied to root as a portal username.
No I didn't change the passwords when logged in via SSH.
...Ian.
- Nazar78
- Posts: 2064
- Joined: Wed Jul 17, 2019 10:21 pm
- Location: Singapore
- Contact:
Re: Root password not same as Admin
No you can't use root in the portal.
AS5304T - 16GB DDR4 - ADM-OS modded on 2GB RAM
Internal:
- 4x10TB Toshiba RAID10 Ext4-Journal=Off
External 5 Bay USB3:
- 4x2TB Seagate modded RAID0 Btrfs-Compression
- 480GB Intel SSD for modded dm-cache (initramfs auto update patch) and Apps
When posting, consider checking the box "Notify me when a reply is posted" to get faster response
Internal:
- 4x10TB Toshiba RAID10 Ext4-Journal=Off
External 5 Bay USB3:
- 4x2TB Seagate modded RAID0 Btrfs-Compression
- 480GB Intel SSD for modded dm-cache (initramfs auto update patch) and Apps
When posting, consider checking the box "Notify me when a reply is posted" to get faster response
-
- Posts: 3
- Joined: Tue Aug 31, 2021 8:06 pm
Re: Root password not same as Admin
Thank you, that's what I wanted to check. So I am now sure that there is NOT another password unknown to me which does work for root in the portal.
Appreciated. ...Ian.
Appreciated. ...Ian.